REMARKS 

Claims 1-86 were presented for examination and were rejected. Applicant is hereby 
amending claims 1, 2, 5, 7-12, 15-24, 26, 28-32, 35-50, 52, 55, 57, and 68-86. Support for all 
amendments is found in the application as originally filed. Reconsideration of this application as 
amended, and allowance of all claims herein, claims 1-86 as amended, are hereby respectfully 
requested. 

In the second paragraph of his final Office Action, the Examiner objected to claims 24, 
27, and 53 because of certain informalities. All of these informalities were typographical errors 
inadvertently inserted into the Amendment mailed March 15, 2005. Since said Amendment did 
not purport to amend these three claims, but rather simply stated them incorrectly, it is not 
necessary to amend said claims. 

For the above reasons, the Examiner is requested to withdraw his objection to claims 24, 
27, and 53; and to allow these claims as amended. 

In the third paragraph of his final Office Action, the Examiner objected to Figures 1 and 7 
of the drawings. 

The Examiner objected to Figure 1 on the grounds that reference characters 108 and 222 
have both been used to designate the same element. This objection is traversed, inasmuch as 
reference numeral 222 does not appear in Figure 1 . Reference numeral 222 appears correctly in 
other drawing Figures. It does not appear in Figure 7, and it should. Therefore, Applicant is 
hereby adding reference numeral 222 to Figure 7, 

The Examiner objected to Figure 7 because of a lack of consistency with the other 
drawings with respect to reference numerals 232 and 252. These reference numerals are used 
correctly in Figure 7. However, Figure 1 1 shows that TBV DATA within trusted verifier 201 is 
labeled "252" rather than "232". Applicant is hereby correcting this reference numeral to "232" 
in Figure 1 1 . 

Applicant is hereby correcting reference numeral "204 IP' 1 which labels the OCSP in item 
104 within Figure 4 to "204 RP". Also in Figure 4, Applicant is hereby correcting the reference 
numeral "202 IP" that labels the TC within item 104 to "202 RP". 
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Applicant is hereby resubmitting Figure 5, because when it was submitted with the 
Amendment mailed March 15, 2005, it was incorrectly submitted upside-down. 

Applicant is hereby submitting replacement sheets for Figures 4, 5, 7, and 1 1, as an 
appendix to this Amendment C . These replacement sheets overcome the Examiner's objections, 
and correct other errors as well. 

For the above reasons, the Examiner is requested to withdraw his objections to the 
drawings; and to accept the drawings as currently updated. 

In the fourth paragraph of his final Office Action, the Examiner rejected claims 18 and 35 
"and the intervening claims" under 35 U.S.C. §112, first paragraph. 

Applicant traverses this rejection. The Examiner asserted that Applicant's previous 
amendments to claims 18 and 35 (in which a plurality of hashes corresponding to a plurality of 
browser components at a first point in time are compared to a plurality of hashes corresponding 
to a plurality of browser components at a second point in time) resulted in claims that were not 
described in the specification in such a way as to reasonably convey to one skilled in the art that 
the inventor had possession of the claimed invention. 

The Examiner appears to be basing his assertion only on the original claims and not on 
the specification. Applicant directs the Examiner to the following portions of the specification 
that detail the features of claims 18 and 35 relating to creating hashes of the browser 
components: page 2 lines 14-20; page 6 lines 13-18; page 6 line 34 through page 7 line 9; page 7 
lines 25-32; page 9 lines 28-35; and page 1 1 line 31 through page 12 line 3. 

The above arguments were made in the Amendment mailed September 2, 2005. In the 
fifth paragraph of his Advisory Action, the Examiner indicated that said arguments were 
sufficient to overcome this 35 U.S.C. §112 rejection. Therefore, the Examiner is requested to 
withdraw his rejection of claims 18 and 35 "and the intervening claims"; and to allow these 
claims as amended. 

In the fifth paragraph of his final Office Action, the Examiner rejected claims 1, 18, 35, 
50, and 68 under 35 U.S.C. §101, alleging that "the system itself does not include hardware". 

Applicant traverses this rejection. There is no requirement in the patent statute, the patent 
rules, or any court decision requiring that a patent claim must "include hardware". To the 
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contrary, in construing this section of the patent statute, the U.S. Supreme Court held that a live, 
human-made micro-organism was patentable subject matter under §101, stating: "The 
Committee Reports accompanying the 1952 Act inform us that Congress intended statutory 
subject matter to 'include anything under the sun that is made by man.' S. Rep. No. 1979, 82d 
Cong., 2d Sess., 5 (1952); H.R. Rep. No. 1923, 82d Cong., 2d Sess., 6 (1952)." Diamond v. 
Chakrabartv . 447 U.S. 303, 206 USPQ 193 (1980). 

For the above reasons, the Examiner is requested to withdraw his rejection of claims 1, 
18, 35, 50, and 68; and to allow these claims as amended. 

In the sixth paragraph of his final Office Action, the Examiner rejected claims 1-17 under 
35 U.S.C. § 102(e) as being anticipated by Orrin . 

Applicant is hereby amending claims 1-17 to more particularly point out novel aspects of 
his invention. 

As amended, claims 1-17 now all recite a two-tiered digital signature method in which 
the first digital signature is affixed by executable browser software and the second digital 
signature verifies the trustworthiness of the executable browser software itself. These recitations 
are not suggested by Orrin . Orrin shows multiple digital signatures; however: 

• The multiple digital signatures are all affixed to non-executable data (electronic 
documents). In the present invention, the first digital signature is affixed to non-executable data 
but the second digital signature is affixed to executable software. 

• The digital signatures are affixed to the same entity, or to nested versions of the same 
entity. In Applicant's claims, on the other hand, the first digital signature is affixed to a first 
entity (an electronic document) and the second digital signature is affixed to a completely 
separate entity (the executable browser software). 

Because Orrin digitally signs only non-executable data, only the trustworthiness of said 
non-executable data can be verified. Such a trust model is incomplete, in that a corrupted 
browser may have been used to create the signed electronic documents. Applicant's invention 
addresses this problem, by verifying the trustworthiness of the browser itself, by including the 
second digital signature verifying the browser's trustworthiness. 

Thus, Orrin does not suggest novel and surprising features of the claims 1-17 as amended. 
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For the above reasons, the Examiner is requested to withdraw his rejection of claims 1- 
17; and allow these claims as amended. 

In the seventh paragraph of his final Office Action, the Examiner rejected claims 18-49 
under 35 U.S.C. §102(e) (sic) over Shear in view of Renaud. 

In his Advisory Action, the Examiner clarified that "the statement 'in view of Renaud' 
was a typographical error since Renaud was not mentioned in the rejection of these claims." 
Thus, Applicant will treat this rejection as a rejection of claims 18-49 under 35 U.S.C. § 102(e) as 
being anticipated by Shear alone. 

Applicant is hereby amending claims 18-49 to more particularly point out novel aspects 
of his invention. All of claims 18-49 recite "an executable browser software module" 
(independent claim 18) or "an executable software browser" (independent claim 35). 

Shear 's invention authenticates executable load modules, but there is no suggestion in 
Shear that the load module can be a browser, as required by Applicant's claims. 

Furthermore, all of Applicant's claims 18-49 recite that each of the first and second sets of 
hashes is multi-partite: there is a first hash of the browser in its entirety, and, in addition, a 
plurality of hashes corresponding to a plurality of browser components. 

Furthermore, all of claims 1 8-49 contain the recitation that the determination of the 
trustworthiness of the executable browser is performed subsequent to the browser having 
executed (by virtue of its having digitally signed an electronic document). In Shear , on the other 
hand, the comparison of hashes of the executable load module is performed before the 
executable load module executes. To verify the trustworthiness of the load module after its 
execution would be contrary to the purpose of Shear , which is to validate the trustworthiness of 
the load module prior to its running in a protected processing environment. Such a system is 
used to insure that the load module has not been tampered with prior to its operation, in order to 
avoid executing a compromised program. Applicant's invention is not concerned with the 
validity of an executable program to be run in the future (such as Shear 's load module). Rather, 
Applicant's invention is concerned with determining the validity of a digitally signed document 
by ensuring the validity of the signature and the trustworthiness of the browser that digitally 
signed the document in the past . 
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These novel features of Applicant's invention are not suggested by Shear . 

Further with respect to dependent claims 22, 23, 39, and 40, Shear does not suggest the 
"unknown" status of a browser as recited in said claims. 

Further with respect to dependent claim 24, Shear does not suggest the step of receiving 
from a requestor a request to determine the trustworthiness of the browser module, the request 
including the second set of hashes, as recited in claim 24. 

Further with respect to dependent claims 46-49, Shear does not suggest the first customer, 
second customer, transaction, buyer relationship, or seller relationship recited in said claims. 

For the above reasons, the Examiner is requested to withdraw his rejection of claims 18- 
49; and to allow these claims as amended. 

In the "sixth" paragraph of his final Office Action (which the Examiner should have 
denominated as his eighth paragraph, since he already had a sixth paragraph), the Examiner 
rejected claims 50-86 under 35 U.S.C. § 103(a) as being unpatentable over Shear . 

Applicant is hereby amending claims 50-86 to more particularly point out novel aspects 
of his invention. 

All of claims 50-86 recite a four-corner trust model comprising a root entity, a first 
participant, a second participant, a first customer of the first participant, and a second customer 
of the second participant. Shear does not suggest these five recited entities. 

Secondly, all of claims 50-86 recite that the second set of hashes is transmitted by the first 
customer to the second customer, using a network connection. Shear does not suggest 
transmitting hashes anywhere. Shear 's hash comparisons are performed at the same 
microprocessor. 

Additionally, Shear does not suggest the set of hashes recited in all of claims 50-86. For 
each verification of an executable load module, Shear takes just one hash. (Admittedly, Shear 
sometimes performs several different verifications on the same load module.) 

Further with respect to dependent claims 53, 56, 71, and 75, Shear does not suggest the 
"unknown" browser status recited in these claims. 
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Further with respect to dependent claims 57, 58, 59, 76, 77, and 78, Shear does not 
suggest the transaction recited in these claims. 

Further with respect to dependent claims 60 and 79, Shear does not suggest the operating 
rules recited by these claims. 

Further with respect to dependent claims 61, 62, 80, and 81, Shear does not suggest the 
financial institution recited in these claims. 

Further with respect to dependent claims 63, 64, 82, and 83, Shear does not suggest the 
transaction coordinator recited in these claims. 

Further with respect to dependent claims 65, 66, 84, and 85, Shear does not suggest the 
integration of the trusted verifier as recited in these claims. 

For the above reasons, the Examiner is requested to withdraw his rejection of claims 50- 
86; and to allow these claims as amended. 

Applicant believes that this application is now in condition for allowance of all claims 
herein, claims 1-86 as amended, and therefore an early Notice of Allowance is respectfully 
requested. If the Examiner disagrees or believes that for any other reason, direct contact with 
Applicant's attorney would help advance the prosecution of this case to finality, he is invited to 
telephone the undersigned at the number given below. 



SONNENSCHEIN NATH & ROSENTHAL LLP 
P.O. Box 061080 

Wacker Drive Station, Sears Tower 
Chicago, IL 60606-1080 
Tel.: (415)882-2402 

enclosures 

cc : IP/T docketing CH (w/encl.) 
L. Miller (w/encl.) 
K. Ruthenberg (w/encl.) 



Respectfully submitted, 



date of signature: 




Edward J. Radio 
Attorney Under Rule 34 
Reg. No. 26,793 
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